Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/1-iMvEBGXsfJu2kFA30dFvNhzS4g.roa
File:                     1-iMvEBGXsfJu2kFA30dFvNhzS4g.roa (raw, json)
Hash identifier:          SF7ND94isd1Zs6msUBD9anG1h2gSr4HaFpX6Dy11R2Y=
Subject key identifier:   FA:23:2F:10:11:97:B1:F2:6E:DA:41:40:DF:47:45:BC:D8:73:4B:88
Certificate issuer:       /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial:       0188622272F18B21799E5F46764B0B3DA8BD
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/1-iMvEBGXsfJu2kFA30dFvNhzS4g.roa
Signing time:             Sun 28 May 2023 11:33:24 +0000
ROA not before:           Sun 28 May 2023 11:33:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39216
IP address blocks:        188.72.63.0/24 maxlen: 24
                          188.72.62.0/24 maxlen: 24
                          188.72.61.0/24 maxlen: 24
                          188.72.60.0/24 maxlen: 24
                          188.72.59.0/24 maxlen: 24
                          188.72.4.0/24 maxlen: 24
                          188.72.2.0/24 maxlen: 24
                          188.72.7.0/24 maxlen: 24
                          188.72.6.0/24 maxlen: 24
                          188.72.5.0/24 maxlen: 24
                          188.72.35.0/24 maxlen: 24
                          188.72.34.0/24 maxlen: 24
                          185.72.253.0/24 maxlen: 24
                          185.72.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 13 Aug 2023 06:18:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:62:22:72:f1:8b:21:79:9e:5f:46:76:4b:0b:3d:a8:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
        Validity
            Not Before: May 28 11:33:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa232f101197b1f26eda4140df4745bcd8734b88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3d:4f:38:7a:ac:6a:aa:8e:9f:7d:44:ae:8c:
                    18:fa:67:86:91:a4:ce:22:b0:7a:e8:29:ab:40:91:
                    17:34:01:fa:10:c7:e1:3d:f1:31:ed:b6:61:ed:e6:
                    73:61:5b:e2:b4:e5:be:d1:6f:56:b9:91:4a:5c:b4:
                    8d:1c:14:33:95:c3:04:85:4e:44:3b:50:9c:93:12:
                    bf:fa:bf:01:68:44:08:52:7e:96:be:8f:db:77:65:
                    58:18:0c:bd:67:11:7a:e3:0d:e5:5c:2c:bc:d7:1a:
                    e0:73:81:cd:eb:a6:fa:aa:3f:de:6b:28:2c:eb:f5:
                    cb:9b:d0:66:4d:ba:5f:47:ab:24:af:d8:74:fe:ba:
                    f3:24:ab:cc:52:cd:f7:bd:56:4c:2e:d4:c5:09:1a:
                    a5:39:7f:13:8a:da:b8:6c:27:6b:29:d7:43:f0:89:
                    09:f6:01:08:1b:cc:e5:1f:e4:77:5e:49:3e:ca:f5:
                    91:56:16:9b:6f:c2:6d:75:e1:a3:3c:6d:76:cc:8f:
                    1d:65:8f:6a:d6:34:ff:ad:e9:6d:50:38:57:36:58:
                    3f:8c:a5:3c:fd:31:50:b4:8b:fe:f2:a7:9a:61:a0:
                    2a:fc:3c:22:71:64:99:d1:a7:dd:0e:3f:5b:ba:3d:
                    f2:cd:f7:ca:68:d3:25:3a:18:2d:f6:7e:a6:41:e9:
                    87:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:23:2F:10:11:97:B1:F2:6E:DA:41:40:DF:47:45:BC:D8:73:4B:88
            X509v3 Authority Key Identifier:
                keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/1-iMvEBGXsfJu2kFA30dFvNhzS4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.72.252.0/23
                  188.72.2.0/24
                  188.72.4.0/22
                  188.72.34.0/23
                  188.72.59.0-188.72.63.255

    Signature Algorithm: sha256WithRSAEncryption
         29:95:5a:d7:71:b1:2a:3c:2f:f6:19:bc:c1:58:01:cc:1c:aa:
         54:33:40:f0:7c:39:7f:b4:4f:5d:f3:e8:39:4b:6b:85:06:da:
         4f:b6:8c:7b:df:c5:a0:60:cd:6e:e2:56:13:39:03:bf:5c:35:
         f9:b4:a2:0d:6e:e5:99:70:9d:2d:8c:79:d9:b1:3f:af:33:5e:
         eb:b9:2e:b7:df:b8:7f:d1:37:96:73:1c:25:98:63:04:6b:c2:
         89:83:ae:87:12:12:95:0d:cf:52:f9:7f:b8:79:51:26:f0:32:
         4c:fb:0a:3e:01:9b:96:ea:a4:6d:03:f0:40:cd:87:59:aa:3d:
         45:20:47:b3:1f:ad:bc:5c:a5:75:1d:dc:05:bd:9c:20:ae:b1:
         ac:d8:8d:e4:eb:48:59:ae:36:2b:df:0d:27:39:b6:71:7b:d8:
         8e:06:89:4e:85:ea:1e:c4:3b:3a:0a:93:1c:24:76:37:5c:47:
         7f:06:cd:6d:ed:ea:49:9e:ab:c3:a5:a2:36:79:92:03:18:1d:
         cf:62:ba:26:fa:4c:76:c8:60:e9:a6:98:2b:84:c2:77:de:3d:
         54:78:48:0a:33:4c:0f:8e:f7:5b:36:11:7f:a0:8f:67:2d:f5:
         a0:fe:12:55:3d:1c:29:ed:0e:37:a1:d3:19:8c:66:84:13:21:
         4b:d6:fc:ce
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYhiInLxiyF5nl9GdksLPai9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMwNTI4MTEzMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTIzMmYxMDExOTdiMWYyNmVkYTQxNDBkZjQ3NDViY2Q4NzM0Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD1POHqsaqqOn31ErowY+meGkaTO
IrB66CmrQJEXNAH6EMfhPfEx7bZh7eZzYVvitOW+0W9WuZFKXLSNHBQzlcMEhU5E
O1CckxK/+r8BaEQIUn6Wvo/bd2VYGAy9ZxF64w3lXCy81xrgc4HN66b6qj/eaygs
6/XLm9BmTbpfR6skr9h0/rrzJKvMUs33vVZMLtTFCRqlOX8Titq4bCdrKddD8IkJ
9gEIG8zlH+R3Xkk+yvWRVhabb8JtdeGjPG12zI8dZY9q1jT/reltUDhXNlg/jKU8
/TFQtIv+8qeaYaAq/DwicWSZ0afdDj9buj3yzffKaNMlOhgt9n6mQemH1QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPojLxARl7HybtpBQN9HRbzYc0uIMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvMS1pTXZFQkdYc2ZKdTJrRkEzMGRGdk5oelM0Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2MvMDU1NGEyLWQzZDktNGZjNC04ZWQ1LWRlOTE0NjlkMzc3
Mi8xL0RGRkFLQ1dSLVpFdmxqbnVGQksyMGR6X0NHRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAblI/AME
ALxIAgMEArxIBAMEAbxIIjAMAwQAvEg7AwQGvEgAMA0GCSqGSIb3DQEBCwUAA4IB
AQAplVrXcbEqPC/2GbzBWAHMHKpUM0DwfDl/tE9d8+g5S2uFBtpPtox738WgYM1u
4lYTOQO/XDX5tKINbuWZcJ0tjHnZsT+vM17ruS6337h/0TeWcxwlmGMEa8KJg66H
EhKVDc9S+X+4eVEm8DJM+wo+AZuW6qRtA/BAzYdZqj1FIEezH628XKV1HdwFvZwg
rrGs2I3k60hZrjYr3w0nObZxe9iOBolOheoexDs6CpMcJHY3XEd/Bs1t7epJnqvD
paI2eZIDGB3PYrom+kx2yGDpppgrhMJ33j1UeEgKM0wPjvdbNhF/oI9nLfWg/hJV
PRwp7Q43odMZjGaEEyFL1vzO
-----END CERTIFICATE-----